Der Tor Browser in Tails 5.0 und früher ist unsicher für sensible Informationen.

We recommend that you stop using Tails until the release of 5.1 (early June) if you use Tor Browser for sensitive information (passwords, private messages, personal information, etc.).

Eine Sicherheitslücke wurde in der JavaScript-Engine von Firefox und Tor Browser entdeckt. Siehe das Mozilla Foundation Security Advisory 2022-19

This vulnerability allows a malicious website to bypass some of the security built in Tor Browser and access information from other websites.

For example, after you visit a malicious website, an attacker controlling this website might access the password or other sensitive information that you send to other websites afterwards during the same Tails session.

This vulnerability doesn't break the anonymity and encryption of Tor connections.

For example, it is still safe and anonymous to access websites from Tails if you don't share sensitive information with them.

Nachdem Tor Browser kompromittiert wurde, besteht die einzige zuverlässige Lösung darin, Tails neu zu starten.

Other applications in Tails are not vulnerable. Thunderbird in Tails is not vulnerable because JavaScript is disabled.

The Safest security level of Tor Browser is not affected because JavaScript is disabled at this security level.

This vulnerability will be fixed in Tails 5.1 (early June), but our team doesn't have the capacity to publish an emergency release earlier.